ASP MVC C#: Is it possible to pass dynamic values into an attribute?

Question

Okay I'm very new to C# and i'm trying to create a little website using ASP MVC2.

I want to create my own authorization attribute. but i need to pass some values if this is possible.

For example:

    [CustomAuthorize(GroupID = Method Parameter?]
    public ActionResult DoSomething(int GroupID)
    {
        return View("");
    }

I want to authorize the access to a page. but it depends on the value passed to the controller. So the authorization depends on the groupID. Is this possible to achieve this in any way?.

Thanks in advance.

Answer 1

You get it from Request.Form

public class CustomAuthorizeAttribute : AuthorizeAttribute
{
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
       //httpContext.Request.Form["groupid"]
        return base.AuthorizeCore(httpContext);
    }
}

Answer 2

Use the value provider:

public class CustomAuthorizeAttribute : FilterAttribute, IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationContext filterContext)
    {
        var result = filterContext.Controller.ValueProvider.GetValue("GroupId"); //groupId should be of type `ValueProviderResult`

        if (result != null)
        {
            int groupId = int.Parse(result.AttemptedValue);

            //Authorize the user using the groupId   
        }
   }

}

This article may help you.

HTHs,
Charles